Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/677FF110F4EF11EFB331E38A762E951A.roa
File: 677FF110F4EF11EFB331E38A762E951A.roa (raw, json)
Hash identifier: j6dpQKcYmdQTu6hEclsu4y0HlaK0fT0vqZfyLAA0TAM=
Subject key identifier: D4:55:D8:40:0E:10:BC:03:1A:B8:70:7D:4F:7A:09:3A:9B:1D:72:20
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016757
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/677FF110F4EF11EFB331E38A762E951A.roa
Signing time: Thu 27 Feb 2025 09:44:14 +0000
ROA not before: Thu 27 Feb 2025 09:44:10 +0000
ROA not after: Wed 26 Mar 2025 09:44:10 +0000
asID: 62240
IP address blocks: 154.195.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91991 (0x16757)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 09:44:10 2025 GMT
Not After : Mar 26 09:44:10 2025 GMT
Subject: CN=67c033ee-c118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:73:5c:1a:54:4c:51:22:ea:3a:13:b1:1b:f7:
17:8f:98:f5:67:f6:2f:3b:dd:2b:31:1b:e6:c7:19:
f9:a0:f6:ac:93:ae:ce:4d:c7:a1:64:69:d5:83:dc:
fb:e2:0a:16:c3:c4:2d:32:68:cd:c8:19:55:cd:a8:
48:c6:e3:1a:0e:a4:98:61:da:32:66:4f:19:f7:ee:
6c:8e:e8:2d:35:14:b2:e1:2c:7a:80:3c:c5:76:8a:
9e:08:9b:2f:cc:05:14:85:14:2d:53:d3:67:7c:f0:
80:11:ae:9e:e2:ab:87:a8:cf:fa:19:3c:7d:e8:0c:
ae:37:68:6e:d3:2f:15:49:68:40:03:aa:d4:51:0c:
23:47:a9:9f:6e:84:dc:37:1b:7e:b2:36:ad:f2:ed:
ed:f9:a0:32:4d:e8:6e:34:d5:a5:40:ae:f5:4d:2a:
2a:30:f3:68:fc:2f:f0:2f:09:29:97:9f:86:d4:c1:
c9:1e:aa:14:5b:77:2e:dc:d5:2f:bb:9f:67:fe:a0:
dc:fa:56:1f:25:ce:40:72:f4:ba:ac:24:95:bd:7d:
f9:3c:20:f6:bb:ae:e0:25:5d:b6:7e:34:63:ef:57:
d6:12:26:ad:fc:cb:70:87:93:28:6a:6f:ec:dd:f5:
36:cd:a9:2d:31:0a:73:34:db:8d:f7:b4:3b:ef:b0:
0d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:55:D8:40:0E:10:BC:03:1A:B8:70:7D:4F:7A:09:3A:9B:1D:72:20
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/677FF110F4EF11EFB331E38A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.99.0/24
Signature Algorithm: sha256WithRSAEncryption
33:db:8f:20:69:08:3f:53:2a:33:69:6c:d5:68:b7:0e:98:84:
49:eb:32:05:34:e4:7b:4f:35:4f:85:e3:67:4e:68:56:b4:be:
a4:e1:f2:b5:7f:b2:12:29:99:dd:39:d2:d5:d7:14:72:a0:44:
68:70:ae:e1:ca:86:c4:35:ea:d5:56:ef:6d:a3:4e:e9:6b:8d:
28:f7:c7:56:f4:fb:91:18:0f:77:ce:6d:e9:45:76:3a:d0:58:
99:2c:d4:d8:84:9f:6c:df:d8:c3:56:77:2f:13:d8:db:34:1e:
60:5a:1b:0a:84:1a:4d:5c:e4:31:2f:0f:c8:ba:7b:8e:fb:f1:
3c:c8:d6:34:77:07:e7:2c:11:d4:e4:8b:80:a3:03:8d:49:40:
84:43:2c:4b:ed:7a:ac:4c:13:20:ae:04:4b:41:85:d9:7a:c2:
9f:e6:79:dd:7b:35:7f:09:8d:9d:c5:ec:20:90:f4:2e:16:42:
0b:7f:bb:07:eb:4a:f1:fc:47:0e:d9:d6:fc:d4:cd:2f:db:5d:
49:5e:ec:04:70:43:5e:e7:5b:63:7c:54:aa:22:93:79:84:5f:
0d:9f:20:d4:c8:a7:6a:a7:6f:ab:41:69:d2:af:67:3f:e2:80:
92:81:6b:de:71:b0:1d:4f:ab:c0:c8:cb:41:36:57:d7:f4:65:
05:8c:8d:4e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWdXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDk0NDEwWhcNMjUwMzI2MDk0NDEwWjAYMRYw
FAYDVQQDEw02N2MwMzNlZS1jMTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzXNcGlRMUSLqOhOxG/cXj5j1Z/YvO90rMRvmxxn5oPask67OTcehZGnV
g9z74goWw8QtMmjNyBlVzahIxuMaDqSYYdoyZk8Z9+5sjugtNRSy4Sx6gDzFdoqe
CJsvzAUUhRQtU9NnfPCAEa6e4quHqM/6GTx96AyuN2hu0y8VSWhAA6rUUQwjR6mf
boTcNxt+sjat8u3t+aAyTehuNNWlQK71TSoqMPNo/C/wLwkpl5+G1MHJHqoUW3cu
3NUvu59n/qDc+lYfJc5AcvS6rCSVvX35PCD2u67gJV22fjRj71fWEiat/Mtwh5Mo
am/s3fU2zaktMQpzNNuN97Q777ANTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNRV
2EAOELwDGrhwfU96CTqbHXIgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzdGRjExMEY0RUYxMUVGQjMzMUUzOEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsNjMA0GCSqGSIb3DQEB
CwUAA4IBAQAz248gaQg/UyozaWzVaLcOmIRJ6zIFNOR7TzVPheNnTmhWtL6k4fK1
f7ISKZndOdLV1xRyoERocK7hyobENerVVu9to07pa40o98dW9PuRGA93zm3pRXY6
0FiZLNTYhJ9s39jDVncvE9jbNB5gWhsKhBpNXOQxLw/IunuO+/E8yNY0dwfnLBHU
5IuAowONSUCEQyxL7XqsTBMgrgRLQYXZesKf5nndezV/CY2dxewgkPQuFkILf7sH
60rx/EcO2db81M0v211JXuwEcENe51tjfFSqIpN5hF8NnyDUyKdqp2+rQWnSr2c/
4oCSgWvecbAdT6vAyMtBNlfX9GUFjI1O
-----END CERTIFICATE-----
Generated at Fri May 9 06:57:20 2025 by rpki-client